From mboxrd@z Thu Jan 1 00:00:00 1970 From: Kees Cook Subject: Re: [dm-devel] [PATCH v2 10/11] crypto: ahash: Remove VLA usage for AHASH_REQUEST_ON_STACK Date: Wed, 27 Jun 2018 11:12:12 -0700 Message-ID: References: <20180625211026.15819-1-keescook@chromium.org> <20180625211026.15819-11-keescook@chromium.org> <20180625225609.GA181665@gmail.com> <20180626091958.zy3m24sjukfbn7av@gondor.apana.org.au> <20180627143453.gu44ghqh6jnaf4tz@gondor.apana.org.au> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Cc: Eric Biggers , Giovanni Cabiddu , Arnd Bergmann , Eric Biggers , Mike Snitzer , "Gustavo A. R. Silva" , qat-linux@intel.com, LKML , dm-devel@redhat.com, linux-crypto , Lars Persson , Tim Chen , "David S. Miller" , Alasdair Kergon , Rabin Vincent To: Herbert Xu Return-path: In-Reply-To: <20180627143453.gu44ghqh6jnaf4tz@gondor.apana.org.au> Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-crypto.vger.kernel.org On Wed, Jun 27, 2018 at 7:34 AM, Herbert Xu wrote: > On Tue, Jun 26, 2018 at 10:02:31AM -0700, Kees Cook wrote: >> >> There is no SHASH_MAX_REQSIZE? >> >> As for users of AHASH_REQUEST_ON_STACK, I see: > > These users are only using the top-level ahash interface. The > underlying algorithms must all be shas. typo? "shash" you mean? I don't really understand the crypto APIs -- are you or Eric able to help me a bit more here? I don't understand that things can wrap other things, so I'm not sure the best way to reason about the maximum size to choose here. (And the same for skcipher.) -Kees -- Kees Cook Pixel Security